The Problem Definition
How to prevent Cullen from p0wning all the lightbulbs in the city?

What We Need to Keep Cullen from Doing This
1) Introduce devices to each other
2) Authorize each participant for allowable actions
3) Secure the communications
4) Enforce that all actions are authorized
5) Implement in a set of nodes (some small)
… while making sure that re-configuration is possible, user interfaces are usable, you can switch any participant or operator to another, crypto agility can be provided, minimize IPR cost, on widest range of HW,...

Possible Conclusions from the Requirements & Economics Discussion
- Requirements for each application differ
- Installation by regular people
- Need to add devices, change owners, etc.
- Threats are not just from neighbor's kids
  - Also, e.g., taking-the-grid-down attacks
- Individual vs. 1 million device users
- Must worry about business models and partners
- Open interfaces, few regulations are good

Possible Conclusions from the Implementation Experiences
- We think we can use the existing algorithms
- We probably can use the existing protocols
  - Data formats, DTLS, TLS, L2 security, (U)SIM, IKEv2, … etc
  - but pick just one per category... but hard to do for L2+some other security
- Hard for other designs to improve significantly
- Some areas may need further clarification
  - E.g., using CoAP and TLS together
- Network access security not looked at in the WS
- Look at the code size of the entire system
  - Including provisioning, authorization, config
- Focus on the system!
- Unwanted traffic
- Energy matters more than code size or time
  - Wireless reception the most expensive task

Possible Conclusions from the Authorization Discussion
- Important to decide how authorization is decided
  - And how it flows to the PEPs
  - All the above might be application-specific
- Good to separate capabilities from users
  - E.g. OAuth
  - OAuth is quite browser focused, attribute certs etc were never deployed
  - Possible IETF action? (But how to deploy it?)
- If you wish to restrict the complexity of your implementation, you will need to restrict your deployment environment (e.g. number of peers)
- User interface matters
  - Often, devices have no user interface, and all interaction is in the backend
- Work on introduction models!
  - If we had a taxonomy of introduction, we could provide generic patterns for how you can do authorization under those introduction models
  - Possible IETF activity?
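
One way a decision made in the backend can flow to an enforcement point on the device without naming a user, as an added example that is not from the workshop material and is not OAuth: a token lists allowed actions and an expiry, authenticated with an HMAC under a per-device key. The token layout, separators, 16-byte tag, and function names are assumptions of this example.

```python
import hashlib
import hmac

TAG_LEN = 16  # truncated HMAC-SHA-256 tag keeps the token short (example choice)

def _tag(device_key, payload):
    return hmac.new(device_key, payload.encode(), hashlib.sha256).digest()[:TAG_LEN]

def issue_capability(device_key, device_id, actions, not_after):
    """Decision point (backend): mint a token that names actions, not a user."""
    fields = [device_id, *actions]
    if not actions or any("|" in f or "," in f or not f for f in fields):
        raise ValueError("empty field or separator character in field")
    payload = "|".join([device_id, ",".join(sorted(actions)), str(int(not_after))])
    return payload + "|" + _tag(device_key, payload).hex()

def enforce(device_key, my_id, token, action, now):
    """Enforcement point (device): True only if the token allows `action` now."""
    try:
        device_id, actions, not_after, tag_hex = token.split("|")
        tag, expiry = bytes.fromhex(tag_hex), int(not_after)
    except ValueError:
        return False                      # malformed token
    payload = "|".join([device_id, actions, not_after])
    if not hmac.compare_digest(tag, _tag(device_key, payload)):
        return False                      # forged or altered
    if device_id != my_id or now > expiry:
        return False                      # wrong device or expired
    return action in actions.split(",")
```

Whoever holds the token holds the capability, so handing a guest or an appliance a narrower token needs no account for them on the device.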

Possible Conclusions from the Imprinting Discussion
- There is a limited set of solutions
  - Based on whether you assume buttons vs. labels vs. LEDs, multicast discovery, online network availability,...
- Important to separate vendor and user CAs
- Labels given to humans should use a checksum
- A fun area to design protocols in
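
One way to apply the checksum recommendation to a printed device label, as an added example that is not from the workshop material: a Luhn mod N check character over a 32-symbol alphabet, so a mistyped identifier is rejected before any imprinting exchange starts. The alphabet, the grouping into blocks of four, and the function names are assumptions of this example.

```python
# 32 label symbols without I, L, O, U (Crockford's Base32 symbol set);
# choosing this alphabet is an assumption of the example.
ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
N = len(ALPHABET)

def _normalize(text):
    """Upper-case, drop separators, map look-alike letters to digits."""
    text = text.upper().replace("-", "").replace(" ", "")
    return text.translate(str.maketrans("OIL", "011"))

def _luhn_sum(code_points, double_first):
    """Luhn mod N sum, walking from the rightmost symbol to the left."""
    total, double = 0, double_first
    for cp in reversed(code_points):
        addend = cp * 2 if double else cp
        total += addend // N + addend % N   # add the base-N digits
        double = not double
    return total % N

def make_label(device_id):
    """Append one check character and group the result in blocks of four."""
    body = _normalize(device_id)
    cps = [ALPHABET.index(c) for c in body]  # ValueError on a bad symbol
    check = (N - _luhn_sum(cps, double_first=True)) % N
    full = body + ALPHABET[check]
    return "-".join(full[i:i + 4] for i in range(0, len(full), 4))

def verify_label(typed):
    """Return the device id if the check character matches, else None."""
    text = _normalize(typed)
    if len(text) < 2 or any(c not in ALPHABET for c in text):
        return None
    cps = [ALPHABET.index(c) for c in text]
    if _luhn_sum(cps, double_first=False) != 0:
        return None
    return text[:-1]
```

With this construction every single-character substitution is caught; among adjacent transpositions only swapping 0 and Z goes undetected.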

Possible IETF Actions
Protocol-related:
- Clarifying how to use DTLS with CoAP
- Complete the JOSE work
- LWIG-like guidance on security protocol impls.?
- Pairing/imprinting protocols?
  - Is this something IETF can provide additional value in?
  - Is the scenario that Cullen proposed interesting & something that the industry needs?
- Certificate compression mechanisms?
- Compression of DTLS over 6LoWPAN? (already in RFC?)
- Making 6LoWPAN HC recognize ESP
- Recommendations on how to use network access protocols
- Security for ROLL/RPL/MANET
Higher-level issues:
- Guidance for introduction models?
Question marks:
- Do we need OAuth-for-IoT? Deployable?
  - The model may be usable outside browsers, but the protocol design does not seem optimized for constrained devices
- Rene: not all crypto supported by all protocols? Binary curves? (possibly already in DTLS RFC?)

Questions That We Didn't Get To...
- What about middleboxes?

Detailed Notes 1
Paul Chilton, Lighting
- Has to be installed by the average person
- Initially no internet access, purely local control, get people familiar with the concept
- Add a gateway, enable applications, web, …
- Challenges: ease of commissioning, discovery, ease of re-configuration, device authentication, cost, sleeping and energy harvesting, privacy, …
Questions:
- Then again, these lightbulbs do more than usual ones, so maybe they can be more complex to use. But that would only give us the techie users, not general public... and there is no margin for running a helpdesk
- Subir: Why connect e2e to each lightbulb, why not to a switch that controls a group of lightbulbs?
- Cullen thinks that it's just more practical to replace lightbulbs than central power equipment
- Ekr: there are global attacks, e.g., turning all devices on at the same time, what does that do to the grid?
- Randy: focus on identity, trust, and authorization, not just the lights example.
- Fred Baker thinks that it is useful to think about the example to make something really foolproof but also simple
- Ekr: I want to understand the threat model. I only want myself to be able to access my devices, unless I explicitly configure additional people.
- Mark Townsley: iTunes
- Cullen thinks that we are going to live in a world where if there is no enrollment attackers can do bad things. Ekr thinks that is not acceptable.

Detailed Notes 2
Rudolf van Berg, economics & competition
- The one million device user
- Lots of discussion about whether SIM cards are a good model
- VoIP experience said that operators do not want to open up

Detailed Notes 3
Implementation experience
- Carsten: Moore's law not going to fix it
- Discover – imprint – configure
- DTLS making CoAP more complex, more messages, etc.
- Many ways to use DTLS
- Ekr questions the choice to run DTLS on top of CoAP
- Minimal DTLS implementation 13K with symmetric crypto only, AES in hw
- State machine dominates the implementation
- Hannes: Communication relationships more important than protocols, crypto
- Lower footprint => fewer functions (PKs, resumption, etc)
- Mohit: Public key crypto doable at least in some cases on 8-bit CPUs
- Joules are more important than time or code/time

Detailed Notes 4
Authorization
- Richard Barnes: Is imprinting all we need?
- Principals in home: owner, guest, child, neighbor, alarm co, TV, HVAC, smart meter, …
- From simple models to the next generation. E.g., from passwords to OAuth
- OAuth allows separating capabilities from users, e.g., give your TV access to Netflix
- Questions: Where does identity come from? Hashes and bar codes? Who makes authorization decisions? Where is authorization checked? Is any of this general, or all application-specific?
- Cullen: What do the user interfaces look like?
- Michael: configuration and authorship happens in "Home Depot" web site
- Michael: need to get on first to "guest" network so that it can call Home Depot
- Carsten: very important to design for choice
Jan
- Open questions: what protocol to use for attribute-based AC?
- Mapping of credentials to CoAP/HTTP requests
- Standardized authorization policy formats have not been deployed
Other
- Is typing in serial numbers feasible, or are there better approaches?

What We Learned
Challenges
- We need solutions that can be installed by the average person
- Interoperability in a multi-vendor environment
- The 1 million device users
- There are significant grid & local damage attacks that we have to worry about
- Make it simple and secure. The challenge.
- Implementation sizes: DTLS from 13K up
- Useless to discuss protocols alone, have to understand what the whole system needs to do, incl. provisioning, etc. Then we know code sizes, ease of use, etc.
- Roundtrips vs. memory size vs. message sizes; message sizes are important
- Sam worries about combining large scale deployments and claims about knowing how we can restrict to constrained devices. Suggests that restricting the number of parties that devices need to talk to is going to be useful.

Working Solutions
Provisioning & authorization
- A box of lightbulbs, configured to work together at the factory (Paul)
- "Things" tied to the owner upon purchase time at iTunes shop etc (Mark)
- Restricting nodes that devices need to talk to (Sam)
Protocols
- DTLS, TLS
- Data-object security
- OAuth
- Hard to see other designs that would be significantly better
Crypto
- Standard crypto operations
- PK operations, even on 8-bit CPUs (infrequently, with ECC, etc)

Questions to Answer & Problems to Solve
- What is an acceptable level of security?
- How do I add new devices to an existing network?
- How do I authorize an Android device to control a home automation setup?
- Can I build a system for my house that does not require a third party?
- Security and middleboxes?